Attack-Tolerant Security Model for WS-Security

被引:0
|
作者
Jesudoss, A. [1 ]
Subramaniam, N. P. [2 ]
机构
[1] Sathyabama Univ, Fac CSE, Madras, Tamil Nadu, India
[2] Pondicherry Engn Coll, Dept EEE, Pondicherry, India
来源
2014 IEEE INTERNATIONAL CONFERENCE ON CIRCUIT, POWER AND COMPUTING TECHNOLOGIES (ICCPCT-2014) | 2014年
关键词
XML Signature; XML Encryption; Digital Signature; Security Token; Authentication; Integrity; Confidentiality;
D O I
暂无
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
WS-Security is an emerging standard for securing the web services. In this paper, we propose an attack-tolerant security model for WS-Security. This security model incorporates various features for WS-Security such as Time Stamp on SOAP message, parameter validation, etc. WSSecurity has been implemented for online credit card transaction of a Web service. The various attacks on Web service and its countermeasures are discussed throughout this paper. The proposed security model has been designed with many essential design considerations. Hence, the proposed model makes the Web service an Attack-Tolerant Security Model.
引用
收藏
页码:1536 / 1540
页数:5
相关论文
共 50 条
  • [1] Generic security policy transformation framework for WS-Security
    Satoh, Fumiko
    Yamaguchi, Yumi
    [J]. 2007 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, PROCEEDINGS, 2007, : 513 - +
  • [2] Validating Security Policy Conformance with WS-Security Requirements
    Satoh, Fumiko
    Uramoto, Naohiko
    [J]. ADVANCES IN INFORMATION AND COMPUTER SECURITY, 2010, 6434 : 133 - 148
  • [3] Web Service security -: Vulnerabilities and threats within the context of WS-security
    Holgersson, J
    Söderström, E
    [J]. PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON STANDARDIZATION AND INNOVATION IN INFORMATION TECHNOLOGY, 2005, : 147 - 155
  • [4] Implementation of WS-Security and its performance improvements
    Makino, S
    Tamura, K
    Imamura, T
    Nakamura, Y
    [J]. ICWS'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON WEB SERVICES, 2003, : 256 - 261
  • [5] Verified reference implementations of WS-security protocols
    Bhargavan, Karthikeyan
    Fournet, Cedric
    Gordon, Andrew D.
    [J]. WEB SERVICES AND FORMAL METHODS, PROCEEDINGS, 2006, 4184 : 88 - 106
  • [6] Security Testing Methodology for Vulnerabilities Detection of XSS in Web Services and WS-Security
    Salas, M. I. P.
    Martins, E.
    [J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2014, 302 : 133 - 154
  • [7] Integrated Security Control for Nonlinear CPS with Actuator Fault and FDI Attack: An Active Attack-Tolerant Approach
    Zhao, Li
    Li, Wei
    Li, Yajie
    Han, Nani
    Zheng, Naiqin
    [J]. ACTUATORS, 2023, 12 (05)
  • [8] Authenticated web services: A WS-Security based implementation
    Auletta, Vincenzo
    Blundo, Carlo
    Cimato, Stelvio
    De Cristofaro, Emiliano
    Raimato, Guerriero
    [J]. NEW TECHNOLOGIES, MOBILITY AND SECURITY, 2007, : 541 - +
  • [9] 基于WS-security的数据安全交换
    柳翠寅
    袁继敏
    韩敏
    [J]. 微计算机信息, 2007, (30) : 91 - 93
  • [10] Server-Side Streaming Processing of WS-Security
    Gruschka, Nils
    Jensen, Meiko
    Lo Iacono, Luigi
    Luttenberger, Norbert
    [J]. IEEE TRANSACTIONS ON SERVICES COMPUTING, 2011, 4 (04) : 272 - 285
12345